VAR-202311-0438
Vulnerability from variot - Updated: 2025-02-20 20:02A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator. 6gk5205-3bb00-2ab2 firmware, 6gk5205-3bb00-2tb2 firmware, 6gk5205-3bd00-2tb2 Multiple Siemens products, including firmware, contain vulnerabilities related to direct request submission.Information may be tampered with. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. SCALANCE W products are wireless communication devices for connecting industrial components, such as programmable logic controllers (PLCs) or human machine interfaces (HMIs), in compliance with the IEEE 802.11 standards (802.11ac, 802.11a/b/g/h and/or 802.11n). The SCALANCE W-1700 product is a wireless communication device based on the IEEE 802.11ac standard. They are used to connect various WLAN devices (access points or clients, depending on the operating mode), focusing on industrial components such as programmable logic controllers (PLC) or human machine interfaces (HMI), etc. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs).
Several Siemens products have forced browsing vulnerabilities that attackers can exploit to affect the user interface configured by administrators
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202311-0438",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "6gk5208-0ra00-5ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-3rs00-5ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ba00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ba00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ha00-2es6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bd00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2bb00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ba00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bf00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5324-0ba00-2ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bd00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4fs00-3rr3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2bd00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bd00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bb00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4ss00-3ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5326-2qs00-3ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2gs00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ga00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ha00-2as6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ua00-5es6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ga00-2tc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4ss00-2ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ha00-2ts6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bb00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2bs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-4gs00-2tc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ha00-2as6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5224-4gs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ha00-2ts6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6ag1216-4bs00-7ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5224-4gs00-2tc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2gs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ba00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2rs00-5ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ba00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4fs00-2ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5324-0ba00-3ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-4gs00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5204-2aa00-2gf2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2gs00-2tc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6ag1206-2bb00-7ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5204-0ba00-2gf2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5204-0ba00-2yf2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6ag1206-2bs00-7ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2bs00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ua00-5es6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ba00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bd00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2rs00-5fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5206-2rs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ba00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5224-0ba00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bb00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5204-2aa00-2yf2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5326-2qs00-3rr3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4fs00-3ar3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bf00-2tb2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5328-4fs00-2rr3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-4gs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ga00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5208-0ra00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bf00-2tb2",
"scope": "lte",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5224-4gs00-2fc2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ha00-2es6",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ba00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-3rs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5205-3bf00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-4bs00-2ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5213-3bb00-2ab2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6ag1208-0ba00-7ac2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "6gk5216-0ba00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5206-2bd00-2ac2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bd00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bb00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bb00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5206-2rs00-5ac2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5216-0ba00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bd00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5208-0ba00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bb00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bf00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5206-2rs00-2ac2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bd00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bf00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bf00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5213-3bd00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bb00-2ab2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5206-2bb00-2ac2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5208-0ba00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "6gk5205-3bf00-2tb2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance xc216eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc224",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc224-4c g",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc224-4c g eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xf204",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xf204 dna",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xf204-2ba",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xf204-2ba dna",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp208",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp208eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp208poe eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp216",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp216eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xp216poe eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xr324wg",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xr326-2c poe wg",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xr328-4c wg",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "siplus net scalance xc206-2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "siplus net scalance xc206-2sfp",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "siplus net scalance xc208",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "siplus net scalance xc216-4c",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2g poe",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2g poe eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2sfp",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2sfp eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2sfp g",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc208eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc208g",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc208g eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc208g poe",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc216",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc216-3g poe",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc216-4c",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc216-4c g",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc216-4c g eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb205-3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb205-3ld",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb208",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb213-3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb213-3ld",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xb216",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
},
{
"model": "scalance xc206-2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "4.5"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"cve": "CVE-2023-44320",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2023-86594",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2023-44320",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2023-44320",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2023-44320",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2023-44320",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2023-44320",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2023-86594",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V7.2.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions \u003c V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions \u003c V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions \u003c V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions \u003c V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions \u003c V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions \u003c V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions \u003c V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions \u003c V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions \u003c V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions \u003c V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions \u003c V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions \u003c V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions \u003c V3.0.0). Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator. 6gk5205-3bb00-2ab2 firmware, 6gk5205-3bb00-2tb2 firmware, 6gk5205-3bd00-2tb2 Multiple Siemens products, including firmware, contain vulnerabilities related to direct request submission.Information may be tampered with. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. SCALANCE W products are wireless communication devices for connecting industrial components, such as programmable logic controllers (PLCs) or human machine interfaces (HMIs), in compliance with the IEEE 802.11 standards (802.11ac, 802.11a/b/g/h and/or 802.11n). The SCALANCE W-1700 product is a wireless communication device based on the IEEE 802.11ac standard. They are used to connect various WLAN devices (access points or clients, depending on the operating mode), focusing on industrial components such as programmable logic controllers (PLC) or human machine interfaces (HMI), etc. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). \n\r\n\r\nSeveral Siemens products have forced browsing vulnerabilities that attackers can exploit to affect the user interface configured by administrators",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-44320"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "VULMON",
"id": "CVE-2023-44320"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-44320",
"trust": 3.3
},
{
"db": "SIEMENS",
"id": "SSA-699386",
"trust": 2.5
},
{
"db": "SIEMENS",
"id": "SSA-180704",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-068047",
"trust": 1.0
},
{
"db": "SIEMENS",
"id": "SSA-769027",
"trust": 1.0
},
{
"db": "SIEMENS",
"id": "SSA-602936",
"trust": 1.0
},
{
"db": "ICS CERT",
"id": "ICSA-23-320-08",
"trust": 0.9
},
{
"db": "JVN",
"id": "JVNVU95962757",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU98271228",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92598492",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU91198149",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-23-348-14",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-24-046-09",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-25-044-09",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-86594",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-44320",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "VULMON",
"id": "CVE-2023-44320"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"id": "VAR-202311-0438",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
}
],
"trust": 1.2076911999999997
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
}
]
},
"last_update_date": "2025-02-20T20:02:50.180000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Forced browsing vulnerabilities in multiple Siemens products",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/482266"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-425",
"trust": 1.0
},
{
"problemtype": "Direct request submission (CWE-425) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699386.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-068047.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-602936.html"
},
{
"trust": 0.9,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92598492/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98271228/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91198149/index.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu95962757/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-44320"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-14"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-046-09"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "VULMON",
"id": "CVE-2023-44320"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"db": "VULMON",
"id": "CVE-2023-44320"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"date": "2023-11-14T00:00:00",
"db": "VULMON",
"id": "CVE-2023-44320"
},
{
"date": "2024-01-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"date": "2023-11-14T11:15:12.757000",
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-86594"
},
{
"date": "2023-11-14T00:00:00",
"db": "VULMON",
"id": "CVE-2023-44320"
},
{
"date": "2025-02-17T07:56:00",
"db": "JVNDB",
"id": "JVNDB-2023-017960"
},
{
"date": "2025-02-11T11:15:11.747000",
"db": "NVD",
"id": "CVE-2023-44320"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Direct request vulnerability in multiple Siemens products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-017960"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…